Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
01-07-2024 09:52
Behavioral task
behavioral1
Sample
1ad67a7f7e1590f9f81dab4c50699495_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1ad67a7f7e1590f9f81dab4c50699495_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
1ad67a7f7e1590f9f81dab4c50699495_JaffaCakes118.pdf
-
Size
77KB
-
MD5
1ad67a7f7e1590f9f81dab4c50699495
-
SHA1
b2545eca06b477ba0011e3dc9fd7ed0e2e9b9920
-
SHA256
1996be7c20ca5cac265fed2b0e1ae7fe93b2b8911f0b9c2f509e67121f4b09b1
-
SHA512
0515f3a95dbf91eb90d8ed6465bc7126ff1308693b08bdc049d4b2fd7aa11750dcc4e0a5837df8a964a06bb6a61f024b720be9902d6e04bb867f7e073ed795a9
-
SSDEEP
1536:DSXKWz8Mj/o0Bi9f+kUC46s1VK+qzlZ0E38ifWUpO7qWivzNS8st2sJLgfWb:9Wz8GcfEC4LVKb2xiy7Nnt3JLL
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
3040 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
3040 AcroRd32.exe
3040 AcroRd32.exe
3040 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1ad67a7f7e1590f9f81dab4c50699495_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
e3ed7066182bb6bfce04b13b57984f82
SHA1
d053943512247a22887160004fcdac79baac0d66
SHA256
b0d5fdc464d56a8fcd899e80746fa71362ee8fb6fee4940da705f40d447b14fb
SHA512
bb49667e3ee82e8f45f84a0c905d39ed28e134d61aa604b0d9e9341e90600179db23566377774de4202cd02f15ae2d9938178897ceba2cdf4c579d84830b9c07